No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Can you explain the use-case a bit more? If you want to delete the webapp why not let pulumi delete the appsettings?

It actually about Azure KeyVault. It let's me create a Secret, but I don't have permissions to delete one. But I can delete the whole KeyVault! lol

Yeah that appears to be an Azure thing. And fwiw, I think the bigger picture here is that the user being used to run pulumi up/destroy would be set up with all accessPolicies, but other accessPolicies would be configured to manage what others can do.

Yeah, but creating a policy for the solitary reason of `pulumi destroy` is disappointing. Also, every user with KeyVault is going to run into this.

`pulumi state delete &lt;urn&gt;` is what you want. Once Pulumi forgets about a resource, it won't try to delete it.